def test_sucess(self):
"If all conditions are met, change password"
# Create a user.
user = self.makeUser('thruflo', 'Password')
Session.add(user)
old_hash = user.password
self.authenticate()
# Attempt to change password.
post_data = {
'old_password': '******',
'new_password': '******',
'new_confirm': 'sworDpas',
'next': '/foo/bar',
}
res = self.app.post('/auth/change_password', post_data)
# Verify that password has changed
Session.add(user)
Session.refresh(user)
self.assertNotEquals(user.password, old_hash)
# Verify redirect
self.assertEquals(res.headers['Location'], 'http://localhost/foo/bar')
def test_success(self):
"Set preferred email address"
# Create user with email address
user = self.makeUserWithEmail()
# Add another one
user.emails.append(model.Email(address=u'*****@*****.**',
is_preferred=True))
model.save(user)
transaction.commit()
Session.add(user)
email1, email2 = user.emails
# Sanity check
self.assertNotEquals(user.preferred_email, email1)
self.assertEquals(user.preferred_email, email2)
# Attempt to make the address primary
self.authenticate()
self.app.post('/auth/prefer_email', {
'email_address': email1.address
})
# Verify that email is not the user's preferred email
Session.add(email1)
Session.refresh(email1)
self.assertEquals(user.preferred_email, email1)
self.assertNotEquals(user.preferred_email, email2)
def test_success(self):
"Token is valid, email address should be confirmed"
# Create a user
user = self.makeUserWithEmail()
# Sanity check
self.assertFalse(user.emails[0].is_confirmed)
# Get valid confirmation link
email = user.emails[0]
confirmation_link = self.makeConfirmationLink(email)
# Attempt to confirm email address
res = self.app.get(confirmation_link)
self.assertTrue(res.location.endswith('victory_path'))
# Now configure settings with a route that doesn't exist
settings = {'simpleauth.after_confirm_email_route': 'success_path'}
self.config = config_factory(**settings)
# Not adding the route!
self.app = TestApp(self.config.make_wsgi_app())
res = self.app.get(confirmation_link)
self.assertEquals(res.location, 'http://localhost/')
# Verify that email address has been confirmed
Session.add(email)
Session.refresh(email)
self.assertTrue(email.is_confirmed)
def test_wrong_old_password(self):
"No password change if old password is not corret"
# Create a user.
user = self.makeUser('thruflo', 'Password')
Session.add(user)
old_hash = user.password
self.authenticate()
# Attempt to change password.
post_data = {
'old_password': '******',
'new_password': '******',
'new_confirm': 'swordpas',
'next': '/foo/bar',
}
res = self.app.post('/auth/change_password', post_data)
# Verify that password hasn't changed
Session.add(user)
Session.refresh(user)
self.assertTrue("Wrong current password" in res.body)
self.assertTrue("/foo/bar" in res.body)
self.assertEquals(user.password, old_hash)
def test_sucess(self):
"If all conditions are met, change password"
# Create a user.
user = self.makeUser('thruflo', 'Password')
Session.add(user)
old_hash = user.password
self.authenticate()
# Attempt to change password.
post_data = {
'old_password': '******',
'new_password': '******',
'new_confirm': 'sworDpas',
'next': '/foo/bar',
}
res = self.app.post('/auth/change_password', post_data)
# Verify that password has changed
Session.add(user)
Session.refresh(user)
self.assertNotEquals(user.password, old_hash)
# Verify redirect
self.assertEquals(res.headers['Location'], 'http://localhost/foo/bar')
def test_success(self):
"Set preferred email address"
# Create user with email address
user = self.makeUserWithEmail()
# Add another one
user.emails.append(
model.Email(address=u'*****@*****.**', is_preferred=True))
model.save(user)
transaction.commit()
Session.add(user)
email1, email2 = user.emails
# Sanity check
self.assertNotEquals(user.preferred_email, email1)
self.assertEquals(user.preferred_email, email2)
# Attempt to make the address primary
self.authenticate()
self.app.post('/auth/prefer_email', {'email_address': email1.address})
# Verify that email is not the user's preferred email
Session.add(email1)
Session.refresh(email1)
self.assertEquals(user.preferred_email, email1)
self.assertNotEquals(user.preferred_email, email2)
def test_success(self):
"Token is valid, email address should be confirmed"
# Create a user
user = self.makeUserWithEmail()
# Sanity check
self.assertFalse(user.emails[0].is_confirmed)
# Get valid confirmation link
email = user.emails[0]
confirmation_link = self.makeConfirmationLink(email)
# Attempt to confirm email address
res = self.app.get(confirmation_link)
self.assertTrue(res.location.endswith('victory_path'))
# Now configure settings with a route that doesn't exist
settings = {'simpleauth.after_confirm_email_route': 'success_path'}
self.config = config_factory(**settings)
# Not adding the route!
self.app = TestApp(self.config.make_wsgi_app())
res = self.app.get(confirmation_link)
self.assertEquals(res.location, 'http://localhost/')
# Verify that email address has been confirmed
Session.add(email)
Session.refresh(email)
self.assertTrue(email.is_confirmed)
def test_wrong_old_password(self):
"No password change if old password is not corret"
# Create a user.
user = self.makeUser('thruflo', 'Password')
Session.add(user)
old_hash = user.password
self.authenticate()
# Attempt to change password.
post_data = {
'old_password': '******',
'new_password': '******',
'new_confirm': 'swordpas',
'next': '/foo/bar',
}
res = self.app.post('/auth/change_password', post_data)
# Verify that password hasn't changed
Session.add(user)
Session.refresh(user)
self.assertTrue("Wrong current password" in res.body)
self.assertTrue("/foo/bar" in res.body)
self.assertEquals(user.password, old_hash)
def test_sucess(self):
"If all conditions are met, change password"
# Create a user.
user = self.makeUser("thruflo", "Password")
Session.add(user)
old_hash = user.password
self.authenticate()
# Attempt to change password.
post_data = {
"old_password": "******",
"new_password": "******",
"new_confirm": "sworDpas",
"next": "/foo/bar",
}
res = self.app.post("/auth/change_password", post_data)
# Verify that password has changed
Session.add(user)
Session.refresh(user)
self.assertNotEquals(user.password, old_hash)
# Verify redirect
self.assertEquals(res.headers["Location"], "http://localhost/foo/bar")
def test_wrong_old_password(self):
"No password change if old password is not corret"
# Create a user.
user = self.makeUser("thruflo", "Password")
Session.add(user)
old_hash = user.password
self.authenticate()
# Attempt to change password.
post_data = {
"old_password": "******",
"new_password": "******",
"new_confirm": "swordpas",
"next": "/foo/bar",
}
res = self.app.post("/auth/change_password", post_data)
# Verify that password hasn't changed
Session.add(user)
Session.refresh(user)
self.assertTrue("Wrong current password" in res.body)
self.assertTrue("/foo/bar" in res.body)
self.assertEquals(user.password, old_hash)
def test_new_passwords_dont_match(self):
"No password change if new passwords don't match"
# Create a user.
user = self.makeUser("thruflo", "Password")
Session.add(user)
old_hash = user.password
self.authenticate()
# Attempt to change password.
post_data = {"old_password": "******", "new_password": "******", "new_confirm": "oswdrpsa"}
res = self.app.post("/auth/change_password", post_data)
# Verify that password hasn't changed
Session.add(user)
Session.refresh(user)
self.assertTrue("Fields do not match" in res.body)
self.assertEquals(user.password, old_hash)
def test_new_passwords_dont_match(self):
"No password change if new passwords don't match"
# Create a user.
user = self.makeUser('thruflo', 'Password')
Session.add(user)
old_hash = user.password
self.authenticate()
# Attempt to change password.
post_data = {
'old_password': '******',
'new_password': '******',
'new_confirm': 'oswdrpsa',
}
res = self.app.post('/auth/change_password', post_data)
# Verify that password hasn't changed
Session.add(user)
Session.refresh(user)
self.assertTrue("Fields do not match" in res.body)
self.assertEquals(user.password, old_hash)
def test_new_passwords_dont_match(self):
"No password change if new passwords don't match"
# Create a user.
user = self.makeUser('thruflo', 'Password')
Session.add(user)
old_hash = user.password
self.authenticate()
# Attempt to change password.
post_data = {
'old_password': '******',
'new_password': '******',
'new_confirm': 'oswdrpsa',
}
res = self.app.post('/auth/change_password', post_data)
# Verify that password hasn't changed
Session.add(user)
Session.refresh(user)
self.assertTrue("Fields do not match" in res.body)
self.assertEquals(user.password, old_hash)
def test_failure(self):
"Token is invalid, email address should not be confirmed"
# Create a user
user = self.makeUserWithEmail()
# Sanity check
self.assertFalse(user.emails[0].is_confirmed)
# Bogus attempts to confirm email address
# 1. malformed link
url = '/auth/confirm/foo'
res = self.app.get(url)
self.assertTrue('invalid' in res.body)
# 2. invalid token
email = user.emails[0]
url = self.makeConfirmationLink(email) + 'gibberish'
res = self.app.get(url)
self.assertTrue('invalid' in res.body)
# Verify that email address has been confirmed
Session.add(email)
Session.refresh(email)
self.assertFalse(email.is_confirmed)
def test_failure(self):
"Token is invalid, email address should not be confirmed"
# Create a user
user = self.makeUserWithEmail()
# Sanity check
self.assertFalse(user.emails[0].is_confirmed)
# Bogus attempts to confirm email address
# 1. malformed link
url = '/auth/confirm/foo'
res = self.app.get(url)
self.assertTrue('invalid' in res.body)
# 2. invalid token
email = user.emails[0]
url = self.makeConfirmationLink(email) + 'gibberish'
res = self.app.get(url)
self.assertTrue('invalid' in res.body)
# Verify that email address has been confirmed
Session.add(email)
Session.refresh(email)
self.assertFalse(email.is_confirmed)
